package com.mz.system.filter;

import java.io.IOException;
import java.util.List;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.mz.base.util.ATTSystem;
import com.mz.entity.SysUsers;
import com.mz.service.sys.SysRoleService;

public class PowerUrlFilter implements Filter {

	public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest request = (HttpServletRequest) req;
		HttpServletResponse response = (HttpServletResponse) resp;
		
		String uri = request.getRequestURI();
		
		Object sessionObj = request.getSession().getAttribute(ATTSystem.KEY_SESSION_LOGIN);
		
		List<Long> roleList = ATTSystem.MAP_MENU_URI_ROLE.get(uri);
		if(roleList!=null && roleList.size()>0 && sessionObj!=null){
			SysUsers sysUsers = (SysUsers) sessionObj;
			boolean result = false;
			for(Long roleId : roleList){
				if(roleId == sysUsers.getRoleId()){
					result = true;
					break;
				}
			}
			if(!result){
				response.sendRedirect("/commons/notPower.jsp");
				return;
			}
		}
		chain.doFilter(req, resp);
	}

	public void init(FilterConfig arg0) throws ServletException {
		SysRoleService sysRoleService = new SysRoleService();
		sysRoleService.findSysMenuJoinRole();
	}
	
	public void destroy() {
		
	}

}
